Gregory P. Smith <g...@krypto.org> added the comment:
Indeed, the `host` on that line there should just be ignored with the IP address of the original data connection used in its place. Your https://hackerone.com/reports/1040166 link provides plenty of information and likes to prior art mitigations other ftp clients including Firefox and Chrome well over a decade ago. ---------- assignee: -> gregory.p.smith nosy: +gregory.p.smith stage: -> needs patch versions: +Python 3.10, Python 3.6, Python 3.7, Python 3.8 _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue43285> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
